[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Compatibility with IDNA
--On Wednesday, 12 February, 2003 02:30 +0000 "Adam M. Costello"
The real question is how to deal with the minimum quoting
required by RFC 2821. Is that considered part of the email
address? For example, how is that quoting handled if such an
email address is included as a DNS label? Do MTAs match the
email address ``"joe user"@example.com'' against the login
name ``joe user'' or agains ``"joe user"''?
I was wondering the same thing myself this morning. You can
also ask the question in the other direction. If I find
in an SOA record, and I want to send mail there, do I need to
compose the To: field like this:
The "only the receiving MTA gets to mess with the local-part"
rule has been historically interpreted _very_ strictly and bad
things have happened when it isn't. The general intent is that
''joe user'' and ''"joe user"''
be treated as equal and that
''foo'' and ''\"foo\"''
be equivalent as well, although, in the ''\"foo\"'' case, the
minimal quoting rule is violated.
However, the specifications very carefully avoid the assumption
that a mailbox name bears any relationship to a login name.
Some users, systems, and administrators find that relationships
convenient. At the other extreme, some believe that having a
mailbox name match the user name is an unnecessary and
undesirable disclosure of information that puts important
information into the hands of potential crackers and they simply
won't permit it. So one answer would be that the question
"which form matches the user name" is irrelevant; the only
important question is "which form the receiving/delivery MTA
will interprets as matching the internal mailbox (or maildrop)
There is a second principle, which is that mailbox names, unlike
most traditional DNS strings, get really close to user
command-level interfaces. And command interfaces have a history
of mucking up quoting conventions in a big way. Different
operating systems foul up things in different ways, just to make
things interesting. People who write code for the Internet
email environment have discovered, after years and years of
abuse of the system, a need to get really conservative about
anything they actually want to have delivered. Smart email
administrators tend to avoid configuring "joe user" as a mailbox
name, or make sure that "joe.user", or something else that
doesn't require quoting, is supported as a recommended alias.
Similarly, despite the fact that the SOA record mailbox form
is perfectly well defined as equivalent to joe.user@xxxxxxxxxxx,
folks who are more interested in making sure that the domain
admin mailbox can be contacted than they are in demonstrating
how much they know about the DNS usually set up names or aliases
to avoid having to deal with periods in the local part. And
receiving/delivery MTAs (or the associated alias mechanisms)
written by people with a strong "the mail must go through if I
can possibly figure out what was intended" mentality are usually
configured so that
and maybe even
""""joe user" and
and all of their case variants, end up pointing to the same
maildrop. That is either the robustness principle carried to
one of its extremes or just good sense. But nothing requires
that all of those cases be treated the same, any more than
anything requires case-matching. Consequently, a
sending/originating MUA that makes strong assumptions about how
the delivery MTA is going to interpret local-parts will, at
best, violate the protocols and periodically end up with
undeliverable mail or, at worst, do fairly severe violence to
the email environment.